Recent Posts

Study References

This is feature is used to split an autonomous system into smaller autonomous systems or the reverse which is to combine several autonomous systems into one. Reasons of splitting might be IGP's like OSPF might not be able to handle the routes of a really big enterprise so splitting the AS into smaller will help OSPF scale better, or perhaps the enterprise wants to have separate administrative control per region and wants to control the routing policies on their specific regions. This could also be used if there are company mergers and they want to appear as one AS to other EBGP peers. One thing that intrigues me though is that one of the materials I was using mentioned that this could also be a work around for the BGP Split Horizon Rule. I really doubt that Confederations can be a work around for that. I'll find out for sure in this lab.

The diagram below shows 5 Routers with each its own AS number. The goal here to group these routers into one confederation and make them appear as AS1234 to R5 in AS5.

I have configured static routes for reachability. Notice as well that I am using EBGP-multihop feature for EBGP neighbors. I have configured Loopback10 11.11.11.11/32 in R1 and lets see how R2,R3,R4 and R5 see this prefix.

All of them is seeing this prefix sourcing from an EBGP. Now let's configure R1, R2, R3 and R4 as one confederation and let's see how the BGP table looks like after that. To configure BGP confederations, what are needed is the confederation ID and the peer ASes belonging to that confederation.

It's clear that its now behaving like they are in one AS. In R4, you can see that it enclosed the AS path in parenthesis, which means AS is using BGP confederation. I have not configured any route reflector here but R4 is still learning the prefix as advertised by R2 and R3. Therefore in some way it circumvents the BGP Split Horizon rule. In a confederation, it may appear like its one AS but it functions how the peering is configured whether its IBGP or EBGP. Going back, R5 is not seeing anything. You know why? It's because R4 doesn't know how to get to 1.1.1.1 inorder to reach 11.11.11.11/32. It won't advertise anything to R5 until it knows how to get to the destination. Let's configure a static route.

EBGP peering between R4 and R5 is still there but R5 is still using 4 as the remote-as of R4. It may learn the prefix even though the remote-as number for 4.4.4.4 hasn't been changed, however if the link goes down or the BGP session is cleared, BGP will generate now an error that neighbor in wrong AS. Let's change that config to 1234 and check if R5 now sees 11.11.11.11/32.

Wow lot's of questions on this one. I must be missing something. Why doesn't R2 in the first sh ip bgp show 2nd path through R4? Why does R4 choose the path through R2 over R3? Why does R4 not indicate a selected path with the > ? I do appreciate you taking the time to post.

Post a Comment

Certifications

The Dreamer

A fun loving person who enjoys learning new things. Currently working as a Network Engineer supporting the global network of a Fortune 500 company. This blog serves as my notes for the labs I created for my CCIE journey. I can guarantee there are errors in my posts. If you spot them, please let me know.